[VOIPSEC] Is the voipsec list still alive? (was: is this thing on? )

Discussion:

=JeffH

2013-11-11 17:13:16 UTC

The list apparently still distributes email to subscribers, but it looks
like the archives stopped archiving after Apr-2011. There has been a very
modest amount of traffic since then. This person noted the list archive
issue in 2012..

###
Subject: [VOIPSEC] Testing the VOIPSEC list
From: Dan York <***@lodestar2.com>
Date: Wed, 2 May 2012 11:37:44 -0400 (08:37 PDT)
To: ***@voipsa.org

VOIPSEC readers,

Just testing the list as the archives do not appear to be working for the list.

(And hey, giving you all a reminder that you are still on this list! :-)

Regards,
Dan
###

This person pointed to where voip security discussions wrt IETF/W3C webrtc
(aka rtcweb) efforts are occurring..

###
Subject: [VOIPSEC] WebRTC and Security
From: "Fabio Pietrosanti (naif)" <***@infosecurity.ch>
Date: Wed, 02 May 2012 22:47:38 +0200
To: ***@voipsa.org

Hi all,

for anyone interested in future voip security related stuff, i would
suggest to join the IETF Rtcweb mailing lists, as in recent months there
are very challenging discussion on Security of WebRTC standard
(Encrypted VoIP embedded in all future browsers).

Subscription on https://www.ietf.org/mailman/listinfo/rtcweb

-naif
###

HTH

=JeffH

Hannes Tschofenig

2013-11-11 17:30:05 UTC

Permalink

Maybe there aren't any security issues with VoIP anymore, Jeff.
This would explain the low email traffic.

Ciao
Hannes

Post by =JeffH
The list apparently still distributes email to subscribers, but it looks
like the archives stopped archiving after Apr-2011. There has been a
very modest amount of traffic since then. This person noted the list
archive issue in 2012..
###
Subject: [VOIPSEC] Testing the VOIPSEC list
Date: Wed, 2 May 2012 11:37:44 -0400 (08:37 PDT)
VOIPSEC readers,
Just testing the list as the archives do not appear to be working for the list.
(And hey, giving you all a reminder that you are still on this list! :-)
Regards,
Dan
###
This person pointed to where voip security discussions wrt IETF/W3C
webrtc (aka rtcweb) efforts are occurring..
###
Subject: [VOIPSEC] WebRTC and Security
Date: Wed, 02 May 2012 22:47:38 +0200
Hi all,
for anyone interested in future voip security related stuff, i would
suggest to join the IETF Rtcweb mailing lists, as in recent months there
are very challenging discussion on Security of WebRTC standard
(Encrypted VoIP embedded in all future browsers).
Subscription on https://www.ietf.org/mailman/listinfo/rtcweb
-naif
###
HTH
=JeffH
_______________________________________________
Voipsec mailing list
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

Conrad Constantine

2013-11-11 18:07:15 UTC

Permalink

Post by Hannes Tschofenig
Maybe there aren't any security issues with VoIP anymore

April 1st doesn't arrive for another 6 months :-P

Shawn Merdinger

2013-11-11 18:53:54 UTC

Permalink

Post by Hannes Tschofenig
Maybe there aren't any security issues with VoIP anymore

Well, NIST NVD search for "voip" yields 4 CVEs in the past 3 years.

http://web.nvd.nist.gov/view/vuln/search-results?query=voip&search_type=last3years&cves=on

Draw what conclusions you will. Mine is this, to quote a leading
ICS/SCADA engineer's prescient comment from a decade ago: "It's all
the same. Nobody cares."

--scm

Conrad Constantine

2013-11-11 19:01:41 UTC

Permalink

Post by Shawn Merdinger

Post by Hannes Tschofenig
Maybe there aren't any security issues with VoIP anymore

Well, NIST NVD search for "voip" yields 4 CVEs in the past 3 years.
http://web.nvd.nist.gov/view/vuln/search-results?query=voip&search_type=last3years&cves=on
Draw what conclusions you will. Mine is this, to quote a leading
ICS/SCADA engineer's prescient comment from a decade ago: "It's all
the same. Nobody cares."
--scm

aye, and to give another spin on it.. when this list got started, VoIP
was still a comparatively new and niche tech - most of my VoIP
experience was in setting up the very first VoIP implementation they'd
ever had, for my clients (2004-2005), which is around when I sub'ed to
this list.

Nearly a decade later, VoIP is everywhere, regular network engineers are
expected to know their way around it and build it into their company
fabric and security posture. "VoIP Security" is now fairly well glom'ed
into "Security". Folks haven't sought out a specialized list like
voipsec because they've been having those discussions in their regular
channels.